Hacking Humans

N2K Networks | thecyberwire.com
Deception, influence, and social engineering in the world of cyber crime.

Episodes

taint analysis (noun) [Word Notes]

The process of software engineers checking the flow of user input in application code to determine if unanticipated input can affect program execution in malicious ways.

Feb 23, 2021 | 4 min | Season 1 | Ep. 35

Including your passwords in your final arrangements.

Guest Sara Teare, who is known as 1Password's Minister of Magic, talks with Dave about things that people don't consider like custody of the digital keys to your stuff online, Dave and Joe share some listener feedback from Jonathan about replacing outdated equipment (aka an old phone), Joe's story is about an ongoing campaign targeting security researchers working on vulnerability research and development at different companies and organizations, Dave's story has a holiday theme: emails pretending to...

Feb 18, 2021 | 41 min | Season 3 | Ep. 135

ATM skimming (noun) [Word Notes]

The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.

Feb 16, 2021 | 5 min | Season 1 | Ep. 34

In the disinformation and misinformation crosshairs.

Carole Theriault returns with a discussion on disinformation with guest, BBC host, podcaster and author Tim Harford, Dave's got a story about Covid vaccine phishing campaigns, Joe's story talks about data breaches that have increased 50% year over year since 2018, and our Catch of the Day is from a listener named John his wife saw on Facebook who translated it from Lithuanian. Links to stories: Count Yourself in For a Vaccine Phish Deep Analysis of More than 60,000 Breach Reports Over Three Year...

Feb 11, 2021 | 37 min | Season 3 | Ep. 134

APT side hustle (noun) [Word Notes]

A nation-state hacking group’s practice of funding its own activities through cybercrime or cyber mercenary work.

Feb 09, 2021 | 5 min | Season 1 | Ep. 33

Understanding human behavior is a key to security.

Guest Nico Popp of Forcepoint joins Dave to discuss why understanding human behavior is a major key to security, Dave & Joe discuss some listener follow-up about a Craigslist posting, Joe's story is about a scam website that is promising refunds to consumers all over the world, Dave shares a story about scam calls coming from call centers in India, and our Catch of the Day is from a listener about an email from former first lady Melania Trump. Links to stories: FTC warns of scam website that...

Feb 04, 2021 | 40 min | Season 3 | Ep. 133

endpoint (noun) [Word Notes]

A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.

Feb 02, 2021 | 6 min | Season 1 | Ep. 32

Covid has shifted the way we deal with money and increased fraud.

Guest Eric Solis of MOVO Cash talks with Dave about the increase of fraud attacks on consumers and businesses by not having a body of regulations for digital payments, Dave's story is about his recent pillow purchase prompting him to do online reviews for an extra bonus, Joe shares some details from Verizon's Cyber-Espionage report, and our Catch of the Day is a letter from a listener named Jim who had a bad eBay transaction. Links to stories: Amazon is trying to crack down on fraudulent reviews...

Jan 28, 2021 | 41 min | Season 3 | Ep. 132

Targeted phishing campaigns and lottery scams abound.

Guest Arjun Sambamoorthy of Armorblox talks with Dave about five targeted phishing campaigns that weaponize various Google services during their attack flow, Joe's story is about the MegaMillions jackpot that is approaching epic proportions and attracting the attention of scammers, Dave's story comes from a listener over on the Grumpy Old Geeks podcast about a Venmo incident, and our Catch of the Day comes from Joe's son who received an email from the FBI. Links to stories: Advisory: Beware of S...

Jan 21, 2021 | 34 min | Season 3 | Ep. 131

Daemon (noun) [Word Notes]

An operating system program running in the background designed to perform a specific task when certain conditions or events occur.

Jan 19, 2021 | 5 min | Season 1 | Ep. 30

As B2C interactions shift online, call centers become new fraud vector.

Guest Umesh Sachdev of Uniphore talks with Dave about how call centers are becoming the new fraud vector, Dave's story involves an email that has a Trump scandal .jar file attached that's really a RAT, Joe has a story about hackers spoofing a victim's phone number making emergency calls where the police respond to the victim's home with force, he also talks about credential stuffing for swatting a video doorbell, and our Catch of the Day comes from a listener Christian who received an email with...

Jan 14, 2021 | 39 min | Season 3 | Ep. 130

greyware (noun) [Word Notes]

Also known as spyware and adware, it is a software category where developers design the application neither to cause explicit harm nor to accomplish some conventional legitimate purpose, but when run, usually annoys the user and often performs actions that the developer did not disclose, and that the user regards as undesirable.

Jan 12, 2021 | 5 min | Season 1 | Ep. 29

Combating growing online financial fraud.

Dave switches gears and shares a story from the National Law Review with a social engineering spin to it about a theft exclusion in a title company's errors and omissions policy, Joe shares a story from Facebook taking action against hacking groups, The Catch of the Day comes from Joe himself with a connection request he received on LinkedIn, and later in the show, Dave's conversation with Carey O’Connor Kolaja from AU10TIX on fraud in the financial services and payment industry, and how organization...

Jan 07, 2021 | 36 min | Season 3 | Ep. 129

Unix (noun) [Word Notes]

A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.

Jan 05, 2021 | 5 min | Season 1 | Ep. 27

fuzzing (noun) [Word Notes]

An automatic software bug and vulnerability discovery technique that inputs invalid, unexpected, and/or random data, or fuzz, into a program and then monitors the program's reaction to it.

Jan 05, 2021 | 5 min | Season 1 | Ep. 28

Encore: Don't go looking for morality here. [Hacking Humans]

Dave has a story of an investment scam featuring celebrities, Joe warns of scams surrounding the Coronavirus, the Catch of the Day features Joe's son-in-law's adventure with thousands of bot infiltrations, and later in the show, Dave's extended interview with magicians and entertainers Penn and Teller at RSAC 2020 in San Francisco. Links to stories: Revealed: fake 'traders' allegedly prey on victims in global investment scam Coronavirus: Scammers follow the headlines Have a Catch of the Day you'...

Dec 31, 2020 | 39 min

Encore: Separating fools from money. [Hacking Humans]

Dave shares a story of airport penetration testing with a high degree of yuck-factor. Joe explores research on protecting passwords from social engineering. The catch-of-the-day comes courtesy of Graham Cluley's email spam box. Dave interviews Wired's Security Staff Writer Lily Hay Newman on her article tracking Nigerian email scammers. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter ....

Dec 24, 2020 | 30 min

rootkit (noun) [Word Notes]

A clandestine set of applications designed to give hackers access and control over a target device.

Dec 22, 2020 | 7 min | Season 1 | Ep. 25

Phishing lures that may be in your inbox soon, and how to deal "left of bang."

Joe talks about phishing lures with holiday packages, current events, and things he expects to see in your inbox soon, Dave shares a blog post on how to troll a Nigerian prince, The Catch of the Day comes from a listener named Christian who received an email from an ill churchgoer that tests US knowledge of geography, and later in the show, Carole Theriault returns with a conversation with Rebecca McKeown, an independent Chartered Psychologist, with experience researching and evaluating learni...

Dec 17, 2020 | 37 min | Season 3 | Ep. 128

identity theft (noun) [Word Notes]

In this case Identity is the set of credentials, usually electronic that vouch for who you are and theft is to steal. The theft of a person's identity for purposes of fraud.

Dec 15, 2020 | 4 min | Season 1 | Ep. 22

The landscape has shifted for holiday shopping to online.

Joe provides some listener feedback on allowing site notifications, Dave shares good news in his story about taking down money mules, Joe's got not as good news about a phishing campaign targeting the COVID-19 vaccine cold chain, The Catch of the Day comes from a listener named Virginia who received a phishing email impersonating a bank, and later in the show, Dave's conversation with Neal Dennis from Cyware on the cybersecurity concerns and pitfalls customers need to look out for and why ecomme...

Dec 10, 2020 | 33 min | Season 3 | Ep. 127

Virtual Private Network (VPN) (noun) [Word Notes]

A software, hardware or hybrid encryption layer between two devices on the network that makes the traffic between the sites opaque to the other devices on the same network.

Dec 08, 2020 | 6 min | Season 1 | Ep. 20

Going behind the scenes and preventing social engineering in financial institutions.

Joe has a story about fake websites with advanced profiling tools and malicious software by OceanLotus, Dave's story is about sites that ask if it's ok to send you notifications, The Catch of the Day comes from a listener named William who received a phishing email from the boss, and later in the show, Dave's conversation with Mike Slaugh from USAA on his predictions for 2021 and best practices for organizations to protect themselves and consumers, including creating better means of identity ver...

Dec 03, 2020 | 39 min | Season 3 | Ep. 126

Network Time Protocol (NTP) attack (noun) [Word Notes]

A reflection or amplification distributed denial-of-service attack in which hackers query Internet network time protocol servers, NTP servers for short, for the correct time, but spoof the destination address of their target victims.

Dec 01, 2020 | 7 min | Season 1 | Ep. 19

smishing (SMS phishing) (noun) [Word Notes]

From the intrusion kill-chain model, the delivery of a “lure” via a text message to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. Smishing is a portmanteau word made of two other words, the acronym “SMS” and the cyber coinage “Phishing“. It’s a text-message-centric variation of the email-based phishing scams that have been around since the 1990s. The term “Smishing” arose in the late 2000s....

Dec 01, 2020 | 5 min | Season 1 | Ep. 18

Encore: Wearing a mask in the Oval Office and the art of deception.

Joe shares his Classic Cons Part 3, Dave has an Apple device scam story, The Catch of the Day is your assassination heads-up, and later in the show our interview with Jonna Mendez, retired CIA intelligence officer and former Chief of Disguise. Link to story: Twitter Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter ....

Nov 26, 2020 | 44 min